<?php
/*
 * [JINYUN!] (C)2001-2099 Jinyunweb.com
 * This is NOT a freeware, use is subject to license terms
 * $Id: 2017-12-13 03:39:35 apple $
*/
define('NOSESSION',true);
require_once '../../core/core.php';
define('NO_ERROR_RETURN',true);
define('JSAPI',true);
//其他会员一键登录
if($_GET['i']){
	$_SESSION['uniacid']=$_GET['i'];
	unset($_GET['i']);
	$basic=plugin('jy_wechatnews')->plugin_setting('basic');
	if(!$basic['secret']){
		exit('基本设置-密钥未保存！');
	}
}else{
	exit('访问异常！');
}
if($_GET['appopenid'] && $_GET['timestamp'] && $_GET['sign']){
	$time=$_GET['timestamp'];
	if($time && ((TIMESTAMP+1800) >$time) && (TIMESTAMP-$time)<1800){
		$sign=$_GET['sign'];
		if(!$_GET['username'] || !$_GET['pass'] || !$_GET['mid'] || !$_GET['jinfen']){
			exit('参数不能为空！');
		}
		$record = pdo_get('core_users',array('name'=>$_GET['username']),array('id','salt','password'));
		if(!check_password($_GET['pass'],$record['salt'],$record['pass'])){
			exit('SAAS账号不存在或密码错误！');
		}
		$check_sign=md5($_GET['username'].$_GET['pass'].$_GET['mid'].$_GET['jinfen'].$_GET['timestamp'].$_GET['secret']);
		if($check_sign == $sign){
			$member=pdo_get('core_members',array('id'=>trim($_GET['mid']),'uniacid'=>$_SESSION['uniacid']),array('id'));
			if(!$member['id']){
				exit('会员ID错误,充值失败！');
			}
			model('core/member')->member_credit($member['id'],'credit3',$_GET['jinfen'],true,'jy_wechatnews','接口充值');
		}else{
			exit('签名错误,充值失败！');
		}
	}else{
		exit('免签充值签名已失效！');
	}
}else{
	exit('参与异常！');
}